Schneider-Electric: >> Modicon M262 Firmware Security Vulnerabilities
CWE-404 Improper Resource Shutdown or Release vulnerability exists that could cause partial Denial of Service on Machine Expert protocol when an unauthenticated attacker sends malicious payload to occupy active communication channels.
CVSS Score
6.9
EPSS Score
0.005
Published
2026-03-10
CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site
Scripting') vulnerability exists that could cause a vulnerability leading to a cross-site scripting
condition where attackers can have a victim’s browser run arbitrary JavaScript when they visit a
page containing the injected payload.
CVSS Score
5.4
EPSS Score
0.003
Published
2024-07-11